Index: htdocs/system/classes/feedbackhandler.php
===================================================================
--- htdocs/system/classes/feedbackhandler.php (revision 3031)
+++ htdocs/system/classes/feedbackhandler.php (working copy)
@@ -18,7 +18,6 @@
 */
 public function act_add_comment()
 {
-
 $defaults = array(
 'name' => '',
 'email' => '',
@@ -27,35 +26,77 @@
 );
 // We need to get the post anyway to redirect back to the post page.
- $post = Post::get( array( 'id'=>$this->handler_vars['id'] ) );
+ $post = Post::get( array( 'id' => $this->handler_vars['id'] ) );
 if( !$post ) {
 // trying to comment on a non-existent post? Weirdo.
 header('HTTP/1.1 403 Forbidden', true, 403);
 die();
 }
- // make sure all our default values are set so we don't throw undefined index errors
- foreach ( $defaults as $k => $v ) {
- if ( !isset( $this->handler_vars[ $k ] ) ) {
- $this->handler_vars[ $k ] = $v;
+ $form = FeedbackHandler::get_formui($post);
+ $form->get(null, false);
+ // Was this a FormUI form, or a regular comment form?
+ if($form->submitted) {
+ if($form->success) {
+ $this->add_comment(
+ $post->id,
+ $form->name->value,
+ $form->email->value,
+ $form->url->value,
+ $form->content->value
+ );
 }
 }
+ else {
+ // make sure all our default values are set so we don't throw undefined index errors
+ foreach ( $defaults as $k => $v ) {
+ if ( !isset( $this->handler_vars[ $k ] ) ) {
+ $this->handler_vars[ $k ] = $v;
+ }
+ }
+ $this->add_comment(
+ $this->handler_vars['id'],
+ $this->handler_vars['name'],
+ $this->handler_vars['email'],
+ $this->handler_vars['url'],
+ $this->handler_vars['content']
+ );
+
+ }
+ }
+
+ function add_comment($post, $name = null, $email = null, $url = null, $content = null)
+ {
+ if(is_numeric($post)) {
+ $post = Post::get( array( 'id' => $post ) );
+ if( !$post ) {
+ // trying to comment on a non-existent post? Weirdo.
+ header('HTTP/1.1 403 Forbidden', true, 403); + die(); + } + } + elseif(!$post instanceof Post) { + // Not sure what you're trying to pull here, but that's no good + header('HTTP/1.1 403 Forbidden', true, 403); + die(); + } + // let's do some basic sanity checking on the submission - if ( ( 1 == Options::get( 'comments_require_id' ) ) && ( empty( $this->handler_vars['name'] ) || empty( $this->handler_vars['email'] ) ) ) { + if ( ( 1 == Options::get( 'comments_require_id' ) ) && ( empty( $name ) || empty( $email ) ) ) { Session::error(_t( 'Both name and e-mail address must be provided.' ) ); } - if ( empty( $this->handler_vars['content'] ) ) { + if ( empty( $content ) ) { Session::error( _t('You did not provide any content for your comment!') ); } if ( Session::has_errors() ) { // save whatever was provided in session data - Session::add_to_set('comment', $this->handler_vars['name'], 'name'); - Session::add_to_set('comment', $this->handler_vars['email'], 'email'); - Session::add_to_set('comment', $this->handler_vars['url'], 'url'); - Session::add_to_set('comment', $this->handler_vars['content'], 'content'); + Session::add_to_set('comment', $name, 'name'); + Session::add_to_set('comment', $email, 'email'); + Session::add_to_set('comment', $url, 'url'); + Session::add_to_set('comment', $content, 'content'); // now send them back to the form Utils::redirect( $post->permalink . '#respond' ); } @@ -68,13 +109,12 @@ } /* Sanitize data */ - foreach ( $defaults as $k => $v ) { - $this->handler_vars[$k] = InputFilter::filter( $this->handler_vars[$k] ); + foreach ( array('name', 'url', 'email', 'content') as $k ) { + $$k = InputFilter::filter( $$k ); } /* Sanitize the URL */ - if (!empty($this->handler_vars['url'])) { - $url = $this->handler_vars['url']; + if (!empty($url)) { $parsed = InputFilter::parse_url( $url ); if ( $parsed['is_relative'] ) { // guess if they meant to use an absolute link 
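Review bot: In act_add_comment (hunk `-27,35 +26,77`) the FormUI branch does nothing when `$form->submitted` is true but `$form->success` is false, so a submission that fails validation falls off the end of the handler with no redirect and no message. An `else` on the inner `if` that sends the commenter back, e.g. `else { Utils::redirect( $post->permalink . '#respond' ); }`, would mirror what add_comment does for the legacy form; whether FormUI's validation errors survive that redirect is not visible here and should be confirmed. The new `add_comment` is also declared without a visibility keyword or docblock, and its `is_numeric($post)` gate accepts float and exponent strings, where `ctype_digit( (string) $post )` would accept only digit-only ids. The body of add_comment continues past this hunk.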
@@ -96,21 +136,20 @@ // http:moeffju.net/blog/ -> http://moeffju.net/blog/ $url = InputFilter::glue_url( $parsed ); } - $this->handler_vars['url'] = $url; } - if ( preg_match( '/^\p{Z}*$/u', $this->handler_vars['content'] ) ) { + if ( preg_match( '/^\p{Z}*$/u', $content ) ) { Session::error( _t( 'Comment contains only whitespace/empty comment' ) ); Utils::redirect( $post->permalink ); } /* Create comment object*/ $comment = new Comment( array( - 'post_id' => $this->handler_vars['id'], - 'name' => $this->handler_vars['name'], - 'email' => $this->handler_vars['email'], - 'url' => $this->handler_vars['url'], + 'post_id' => $post->id, + 'name' => $name, + 'email' => $email, + 'url' => $url, 'ip' => sprintf("%u", ip2long( $_SERVER['REMOTE_ADDR'] ) ), - 'content' => $this->handler_vars['content'], + 'content' => $content, 'status' => Comment::STATUS_UNAPPROVED, 'date' => HabariDateTime::date_create(), 'type' => Comment::COMMENT, @@ -144,11 +183,11 @@ // if no cookie exists, we should set one // but only if the user provided some details $cookie = 'comment_' . Options::get('GUID'); - if ( ( ! $user->loggedin ) + if ( ( ! User::identify()->loggedin ) && ( ! isset( $_COOKIE[$cookie] ) ) - && ( ! empty( $this->handler_vars['name'] ) - || ! empty( $this->handler_vars['email'] ) - || ! empty( $this->handler_vars['url'] ) + && ( ! empty( $name ) + || ! empty( $email ) + || ! empty( $url ) ) ) { 
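Review bot: The sanitising loop in hunk `-68,13 +109,12` uses variable variables (`$$k = InputFilter::filter( $$k );`), which hides from readers and static analysers which values were filtered before they reach `new Comment`. The key list is a fixed literal, so nothing from the request chooses the variable name, but the data flow is easier to audit when written out, for example `list( $name, $url, $email, $content ) = array_map( array( 'InputFilter', 'filter' ), array( $name, $url, $email, $content ) );`. The enclosing add_comment starts and ends outside this hunk.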
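Review bot: The whitespace-only check on the changed `preg_match` line in hunk `-96,21 +136,20` lets two kinds of content through. A comment made only of tabs or newlines passes because `\p{Z}` covers Unicode separators but not control characters, and malformed UTF-8 passes because `preg_match` with the `u` modifier returns `false` for an invalid subject and the `if` treats that as no match. `if ( preg_match( '/^[\p{Z}\s]*$/u', $content ) !== 0 ) {` rejects both. Whether InputFilter::filter already trims or normalises the content is not visible in this diff, so confirm that before relying on it.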
@@ -161,5 +200,25 @@
 // Return the commenter to the original page.
 Utils::redirect( $post->permalink . $anchor );
 }
+
+ public static function get_formui($post)
+ {
+ $form = new FormUI('comment_' . $post->id);
+ $form->append('text', 'name', 'null:null', 'Name:')->add_validator('validate_required', _t('The Name field value is required'))->id = 'name';
+ $form->append('text', 'email', 'null:null', 'Email:')->add_validator('validate_email', _t('The Email field value must be a valid email address'))->id = 'email';
+ if(Options::get('comments_require_id') == 1) {
+ $form->email->add_validator('validate_required', _t('The Email field value is required'));
+ }
+ $form->append('text', 'url', 'null:null', 'Web Site:')->add_validator('validate_url', _t('The Web Site field value must be a valid URL'))->id = 'url';
+ $form->append('textarea', 'content', 'null:null', 'Comment:')->add_validator('validate_required', _t('The Content field value is required'))->id = 'content';
+ $form->append('submit', 'submit', 'Add Comment')->id = 'submit';
+ $form->append('hidden', 'post_id', 'null:null')->value = $post->id;
+
+ //$form->set_option('form_action', URL::get('submit_feedback', array('id' => $post->id)));
+
+ $form->class = 'comment_form';
+
+ return $form;
+ }
 }
 ?>
Index: htdocs/system/classes/theme.php
===================================================================
--- htdocs/system/classes/theme.php (revision 3031)
+++ htdocs/system/classes/theme.php (working copy)
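Review bot: In feedbackhandler.php, get_formui always attaches `validate_required` to the name field, while the legacy path in add_comment only demands name and e-mail when `comments_require_id` is 1, so the two forms enforce different rules for the same submission. Moving the name requirement into the existing option check, `$form->name->add_validator('validate_required', _t('The Name field value is required'));` inside `if(Options::get('comments_require_id') == 1)`, keeps them aligned. The labels `'Name:'`, `'Email:'`, `'Web Site:'`, `'Comment:'` and `'Add Comment'` are not passed through `_t()` as the validator messages are. The method also has no docblock; one stating that it builds the comment form for `$post` and returns the FormUI object would do.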
@@ -772,6 +772,33 @@
 }
 /**
+ * Produces a comment form for a specific post
+ *
+ * @param Theme $theme The theme instance this function was called from
+ * @param Post $post The post do display the comment for
+ * @param string $template optional name of the template to use to display this form
+ * @return string The form output
+ */
+ public function theme_comment_form($theme, $post, $template = null)
+ {
+ $form = FeedbackHandler::get_formui($post);
+
+ //$form->on_success('submit_comment_form');
+
+ if(isset($template)) {
+ $form_template = (array)$form->get_option('template');
+ array_unshift($form_template, $template);
+ $form->set_option('template', $form_template);
+
+ return $form->get($theme);
+ }
+ else {
+ return $form->get();
+ }
+
+ }
+
+ /**
 * Detects if a variable is assigned to the template engine for use in
 * constructing the template's output.
 *
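Review bot: The new docblock's `@param Post $post` line reads "The post do display the comment for"; it should say `The post to display the comment form for`. The docblock also does not mention that `$theme` is only passed to `$form->get()` when `$template` is set, which a caller cannot guess from the signature. The commented-out `//$form->on_success('submit_comment_form');` should be removed, or replaced by a comment naming the handler that processes the submission, if that is FeedbackHandler::act_add_comment as the rest of this patch suggests. The blank line before the method's closing brace can go as well.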